Proceedings of the 28th Annual ACM Symposium on Applied Computing 2013
DOI: 10.1145/2480362.2480667
|View full text |Cite
|
Sign up to set email alerts
|

An efficient similarity comparison based on core API calls

Abstract: Software birthmarks are unique and native characteristics of a binary executable program that can be used for detecting software piracy. API (Application Programming Interface) calls in an MS Windows binary executable can be used as software birthmarks when there are no source codes available to detect software similarity. However, it is inefficient to extract birthmarks from all API calls during the execution of a binary executable. In this paper, we propose an efficient scheme for comparing software similari… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
2
0

Year Published

2015
2015
2020
2020

Publication Types

Select...
2
1

Relationship

0
3

Authors

Journals

citations
Cited by 3 publications
(2 citation statements)
references
References 7 publications
0
2
0
Order By: Relevance
“…Core-API birthmark : Jang et al [8] proposed a core-API based birthmark. Similar to EXEFRQ, they also captured the frequency of every API call in runtime.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…Core-API birthmark : Jang et al [8] proposed a core-API based birthmark. Similar to EXEFRQ, they also captured the frequency of every API call in runtime.…”
Section: Related Workmentioning
confidence: 99%
“…A static birthmark is extracted through disassemble of a program without its execution while a dynamic birthmark is extracted from the runtime behavior of a program [2] obtained by executing it. Birthmarks can be also categorized into sequence-based birthmarks [4,5,6], frequency-based birthmarks [4,7,8], and graph-based birthmarks [2,9,10,11].…”
Section: Introductionmentioning
confidence: 99%